TABLE OF CONTENTS
TOPIC
INTRODUCTION
HISTORY OF POINT-TO-POINT PROTOCOL
DESCRIPTION OF POINT-TO-POINT PROTOCOL’S IMPLEMENTATION
SECURITY ISSUE OF POINT-TO-POINT PROTOCOL
CONCLUSION
REFERENCES
APPENDICES
INTRODUCTION
PPP is short for Point-to-Point Protocol. It is a data link protocol usually used to connect a computer to the Internet. PPP is more stable than the older SLIP protocol. It provides error checking and supports connections using multiple authentication protocols. Working at the data link layer, PPP sends the computer's TCP/IP packets to a server that puts them onto the Internet. According to Wikipedia, Point-to-Point Protocol is a data link protocol commonly used to establish a direct connection between two networking nodes, and it provides connection authentication, transmission encryption privacy and compression.
PPP is also a connection-oriented protocol that enables data link layer links over a variety of different physical layer connections. It is supported on both synchronous and asynchronous lines, and can operate in half-duplex or full-duplex mode. PPP was designed to carry IP traffic but is general enough to allow any type of network layer datagram to be sent over a PPP connection. As its name implies, PPP is for point-to-point connections between two devices, and it assumes that frames are sent and received in the same order.
In general, the Point-to-Point Protocol provides a standard method for transporting multi-protocol datagrams over point-to-point links. It comprises three main components: a method for encapsulating multi-protocol datagrams; the Link Control Protocol (LCP) for establishing, configuring, and testing the data link connection; and a family of Network Control Protocols (NCPs) for establishing and configuring different network layer protocols. PPP acts as the interface between the Internet Protocol and a physical link such as a serial line or dial-up networking connection, which corresponds to the data link layer in the OSI model.
HISTORY OF POINT-TO-POINT PROTOCOL
In the late 1980s, Serial Line Internet Protocol (SLIP) was the de facto standard for serial IP implementations. SLIP provides basic layer-two framing for IP, but it is too simple for many uses. Since it simply frames the end of each datagram, it lacks many of the features users need, such as reliable, secure and high-performance operation over serial links. The first formal IETF document related to PPP was RFC 1134, published in 1989 to solve the problems in SLIP. RFC 1134 is not a standard but a proposal for what would eventually be defined. In 1990, another RFC was proposed, RFC 1171, and it is the first main PPP standard. This early document has been revised several times, and several other documents have been added that define the various protocols that comprise the entire PPP suite. PPP was not developed from scratch; it is based on the High-Level Data Link Control (HDLC) protocol that was developed by IBM. The framing structure of PPP and its general operation are adapted from the HDLC protocol.
DESCRIPTION OF POINT-TO-POINT PROTOCOL’S IMPLEMENTATION
What is Point-to-Point Protocol
Point-to-Point Protocol is an open infrastructure communications protocol that is used for transmitting information over standard telephone lines. This protocol is a member of the TCP/IP suite of network protocols. It is considered an add-in or extension to TCP/IP because it provides extra functionality that TCP/IP itself does not support: the transmission of TCP/IP packets over serial links. Since TCP/IP by itself does not support packet transmission over serial links, it is unsuitable for Wide Area Networks, which can extend for up to thousands of miles. So, to make TCP/IP packet transmission possible over serial links, Point-to-Point Protocol is widely used in Wide Area Network protocols. It has an intelligent self-configuration mechanism that uses the Link Control Protocol (LCP), and is hence very easy to configure and manage.
Why Point-to-Point Protocol?
Point-to-Point Protocol supports packet encapsulation and various compression methods, can run on any full-duplex link, and allows multiplexing of various protocols over the same line. It also provides error detection and correction. Extra bandwidth can be achieved between systems by using multiple links to make a Multilink Point-to-Point Protocol.
Where Point-to-Point Protocol is Used?
Point-to-Point Protocol is usually used for communication between two computers that use a serial interface. Typically, a computer is connected to a server over a phone line via a modem. When the public telephone connection is used, care must be taken to ensure the authenticity of all communications. This can be done since Point-to-Point Protocol supports authentication. By using the public telephone line, two communicating computers or devices can be tens of miles apart, sometimes hundreds or even thousands of miles apart.
How does Point-to-Point Work?
To establish communications over a point-to-point link, both sides must have the same line speed. The originating PPP first sends Link Control Protocol (LCP) frames containing configuration options to configure and test the data link. If a configuration option is not included in the LCP frame, the default value for that option is assumed. Once the link has been established and the optional facilities have been negotiated, the originating PPP sends Network Control Protocol (NCP) frames to choose and configure one or more network layer protocols.
Features | How It Operates | Protocol
Authentication | Require a password and perform Challenge Handshake. | PAP, CHAP
Compression | Compress data at source; reproduce data at destination. | Stacker, Predictor, TCP Header, or MPPC.
Error Detection | Monitor data dropped on link; avoid frame looping. | Quality, Magic Number
Multilink | Load balancing across multiple links | Multilink Protocol (MP)
When configuring PPP authentication, the network administrator may choose to use either Password Authentication Protocol (PAP) or Challenge Handshake Authentication Protocol (CHAP).
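The LCP negotiation described above can be checked on captured frames. The following added example (not part of the original essay) parses an LCP Configure-Request, applies the default when an option is absent, and flags a link that requests PAP or no authentication. The option numbers and protocol values follow RFC 1661 and RFC 1994; the function names and sample packets are constructed for illustration.

```python
import struct

# LCP option types and authentication protocol numbers (RFC 1661 / RFC 1994).
OPT_MRU, OPT_AUTH, OPT_MAGIC = 1, 3, 5
AUTH_NAMES = {0xC023: "PAP", 0xC223: "CHAP"}
DEFAULTS = {"mru": 1500, "auth": None, "magic": None}  # used when an option is absent

def parse_configure_request(packet: bytes) -> dict:
    """Parse an LCP Configure-Request (code 1) and return the effective settings."""
    if len(packet) < 4:
        raise ValueError("truncated LCP header")
    code, ident, length = struct.unpack("!BBH", packet[:4])
    if code != 1:
        raise ValueError("not a Configure-Request")
    if length < 4 or length > len(packet):
        raise ValueError("bad LCP length field")
    settings = dict(DEFAULTS, identifier=ident)
    body, pos = packet[4:length], 0
    while pos < len(body):
        if pos + 2 > len(body):
            raise ValueError("truncated option header")
        opt_type, opt_len = body[pos], body[pos + 1]
        if opt_len < 2 or pos + opt_len > len(body):
            raise ValueError("bad option length")  # would otherwise loop or over-read
        data = body[pos + 2:pos + opt_len]
        if opt_type == OPT_MRU and len(data) == 2:
            settings["mru"] = struct.unpack("!H", data)[0]
        elif opt_type == OPT_AUTH and len(data) >= 2:
            proto = struct.unpack("!H", data[:2])[0]
            settings["auth"] = AUTH_NAMES.get(proto, hex(proto))
        elif opt_type == OPT_MAGIC and len(data) == 4:
            settings["magic"] = data.hex()
        pos += opt_len
    return settings

def audit(settings: dict) -> str:
    """Flag links that would send the password in clear text or skip authentication."""
    if settings["auth"] == "PAP":
        return "weak: PAP sends the password in clear text"
    if settings["auth"] is None:
        return "weak: no authentication requested"
    return "ok"

# Constructed sample packets (not captured traffic).
REQ_CHAP = bytes.fromhex("01010013" "010405dc" "0305c22305" "050612345678")
REQ_PAP = bytes.fromhex("01020008" "0304c023")
```

The second sample omits the MRU and Magic-Number options, so the parser reports the default MRU of 1500 and no magic number for it.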
SECURITY ISSUE OF POINT-TO-POINT PROTOCOL
Point-to-Point Protocol uses two authentication protocols: the Password Authentication Protocol (PAP) and the Challenge Handshake Authentication Protocol (CHAP). These two protocols are very important in communication that uses PPP. For example, when a client dials into a Remote Access Server (RAS), the server must verify the client’s credentials for authentication, using the client’s user account properties and remote access policies to authorize the connection. The server allows the connection only if both authentication and authorization succeed.
PAP is different from CHAP. PAP works basically the same way as the normal login procedure. The client authenticates itself by sending a username and password to the server. The server then compares the password to its secret database. This technique is vulnerable to anyone who tries to obtain the password by listening on the serial line. CHAP, on the other hand, does not have these deficiencies. In CHAP, the server sends a randomly generated "challenge" string to the client, along with its hostname. The client uses the hostname to look up the appropriate secret, combines it with the challenge, and encrypts the string using a one-way hashing function. The result is returned to the server along with the client's hostname. The server now performs the same computation, and acknowledges the client if it arrives at the same result. The server keeps sending challenges several times during the connection, and the user must reply to each to verify its identity, which makes the connection more secure against intrusion. The advantage CHAP has over PAP is the way a user is authenticated over a dial-up or direct PPP connection.
Figure 1 PPP Password Authentication Protocol (PAP) Authentication
Figure 2 PPP Challenge Handshake Authentication Protocol (CHAP) Authentication
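The difference between the two exchanges can be seen by simulating both sides. This added example (not part of the original essay) assumes the MD5 form of CHAP from RFC 1994 and the PAP Authenticate-Request layout from RFC 1334; the class, function names and secret are constructed for illustration.

```python
import hashlib, hmac, os, struct

def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """MD5 CHAP (RFC 1994): one-way hash of Identifier || secret || Challenge."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()

def pap_request(identifier: int, name: bytes, password: bytes) -> bytes:
    """PAP Authenticate-Request (code 1): the password travels as-is."""
    body = bytes([len(name)]) + name + bytes([len(password)]) + password
    return struct.pack("!BBH", 1, identifier, 4 + len(body)) + body

class ChapServer:
    """Authenticator side: issues random challenges and checks responses."""
    def __init__(self, secrets: dict):
        self.secrets = secrets           # client name -> shared secret
        self.identifier = 0
        self.challenge = b""

    def new_challenge(self) -> tuple:
        self.identifier = (self.identifier + 1) % 256
        self.challenge = os.urandom(16)  # fresh value for every challenge
        return self.identifier, self.challenge

    def verify(self, name: str, response: bytes) -> bool:
        secret = self.secrets.get(name)
        if secret is None or not self.challenge:
            return False
        expected = chap_response(self.identifier, secret, self.challenge)
        self.challenge = b""             # a challenge is answered at most once
        return hmac.compare_digest(expected, response)

def demo() -> dict:
    secret = b"constructed-secret"       # constructed sample value
    server = ChapServer({"client1": secret})
    ident, chal = server.new_challenge()
    resp = chap_response(ident, secret, chal)
    chap_wire = bytes([ident]) + chal + resp   # all a listener on the line sees
    first = server.verify("client1", resp)
    server.new_challenge()               # re-challenge later in the session
    replay = server.verify("client1", resp)    # old response against new challenge
    return {
        "chap_ok": first,
        "replay_ok": replay,
        "secret_on_wire_chap": secret in chap_wire,
        "secret_on_wire_pap": secret in pap_request(1, b"client1", secret),
    }
```

The PAP request carries the secret verbatim, while the CHAP traffic carries only the challenge and a digest, and a response recorded for one challenge is rejected when the server issues the next one.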
CONCLUSION
The Point-to-Point Protocol is indeed needed to allow TCP/IP packet transmission over Wide Area Networks using serial links via telephone lines, since TCP/IP itself does not support transmission over serial links.
Besides providing long-distance TCP/IP packet transmission, Point-to-Point Protocol also provides authentication that ensures the authenticity of all communications. Without PPP, the Internet connection provided to users by ISPs would have been more costly and unaffordable, or even impossible.
In the near future, it is believed that PPP will adopt the next-generation IP version 6, as defined in RFC 2472. This would surely make internetworking communications more efficient and allow faster data communications.
REFERENCES
http://www.spirent.com/documents/595.pdf
http://www.finepoint.com/white-papers/implementing-pppoe.pdf
http://www.ietf.org/rfc/rfc1661.txt
http://www.ietf.org/rfc/rfc2472.txt
http://www.north.ecasd.k12.wi.us/departments/tcs/Web Pages/Powerpoints/Cisco 4 Module 3-PPP.ppt